diff options
| author | Martin Willi <martin@strongswan.org> | 2006-02-14 14:52:00 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2006-02-14 14:52:00 +0000 |
| commit | ce461bbd13c5ea6a94ba0b34cbb4d1be8159b67e (patch) | |
| tree | d3ba1aa2e97e7aeb7b24163d4b8671abbeb9a7c9 /Source/charon/encoding/payloads/notify_payload.c | |
| parent | 409d010131f14e551e0645e9b88ad7621d08b781 (diff) | |
| download | strongswan-ce461bbd13c5ea6a94ba0b34cbb4d1be8159b67e.tar.bz2 strongswan-ce461bbd13c5ea6a94ba0b34cbb4d1be8159b67e.tar.xz | |
- refactored ike proposal
- uses now proposal_t, wich is also used by child proposals
- ike key derivation refactored
- crypter_t api has get_key_size now
- some other improvements here and there
Diffstat (limited to 'Source/charon/encoding/payloads/notify_payload.c')
| -rw-r--r-- | Source/charon/encoding/payloads/notify_payload.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/Source/charon/encoding/payloads/notify_payload.c b/Source/charon/encoding/payloads/notify_payload.c index dccc9d169..ee4b44e9e 100644 --- a/Source/charon/encoding/payloads/notify_payload.c +++ b/Source/charon/encoding/payloads/notify_payload.c @@ -180,8 +180,22 @@ static status_t verify(private_notify_payload_t *this) return FAILED; } - /* notify message types and data is not getting checked in here */ + /* TODO: Check all kinds of notify */ + if (this->notify_message_type == INVALID_KE_PAYLOAD) + { + /* check notification data */ + diffie_hellman_group_t dh_group; + if (this->notification_data.len != 2) + { + return FAILED; + } + dh_group = ntohs(*((u_int16_t*)this->notification_data.ptr)); + if (dh_group < MODP_1024_BIT || dh_group > MODP_8192_BIT) + { + return FAILED; + } + } return SUCCESS; } |